Hi, here is the 3rd version of the REST Authorization layer. I _think_ it can be merged to master, if it still meets the review requirements, because there was not too many comments for the last review pass.
Changelog since v2: * I rebased -i the regex patch into the path patch because it overrided too much code from it, it made no sense to ship them isolated. * I added a system to report the matching ACL (ie line and file) in case of a denied request (see last patch) * the rest is pretty much the same as in the v2 Please comment and review as usual, Brice Brice Figureau (8): Add RSpec unit tests for authconfig Add RSpec unit tests for network rights Add dynamic authorization to authstore Enhance authconfig format to support uri paths and regex Fix #1875 - Add a REST authorization system Fix some indirector failing tests Add environment support in the REST authorization layer Refactor rest authorization to raise exceptions deeper conf/auth.conf | 68 +++ lib/puppet/defaults.rb | 5 + lib/puppet/network/authconfig.rb | 95 +++-- lib/puppet/network/authstore.rb | 41 ++- lib/puppet/network/http/handler.rb | 9 + lib/puppet/network/rest_authconfig.rb | 72 +++ lib/puppet/network/rest_authorization.rb | 64 +++ lib/puppet/network/rights.rb | 204 ++++++++-- spec/integration/indirector/certificate/rest.rb | 4 +- .../indirector/certificate_request/rest.rb | 4 +- .../indirector/certificate_revocation_list/rest.rb | 4 +- spec/integration/indirector/report/rest.rb | 2 + spec/integration/indirector/rest.rb | 10 +- spec/unit/network/authconfig.rb | 258 +++++++++++ spec/unit/network/http/handler.rb | 33 ++ spec/unit/network/rest_authconfig.rb | 119 +++++ spec/unit/network/rest_authorization.rb | 68 +++ spec/unit/network/rights.rb | 474 ++++++++++++++++++++ test/network/authstore.rb | 49 ++- test/network/rights.rb | 6 +- 20 files changed, 1513 insertions(+), 76 deletions(-) create mode 100644 conf/auth.conf create mode 100644 lib/puppet/network/rest_authconfig.rb create mode 100644 lib/puppet/network/rest_authorization.rb create mode 100644 spec/unit/network/authconfig.rb create mode 100644 spec/unit/network/rest_authconfig.rb create mode 100644 spec/unit/network/rest_authorization.rb create mode 100644 spec/unit/network/rights.rb --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en -~----------~----~----~----~------~----~------~--~---
